﻿<?php
error_reporting(0);     
require('smarty/mysmarty.php');
require_once( 'DBConfig.php' );


$link = mysql_connect($AdminHost, $AdminUser, $AdminPassword);
$aDB =mysql_select_db($AdminDatabase , $link)or die( "Sesija je istekla");

$korime = $_POST['usrname'];
$sifra = md5($_POST['pass']);

$aSQL = "SELECT username,nivopristupa FROM autori WHERE  username = '$korime' and length(username)= length('$korime') AND (password = '$sifra')";

$aQResult = mysql_query($aSQL) or die(mysql_error());
$rez=mysql_num_rows($aQResult);
 if ($rez==0)
{
	$smarty = new My_smarty();
	$smarty->assign('greska',"<font color='#FF0000'>*</font>");
	$smarty->display('login.tpl');
}
else
{
    //$aQResult = mysql_query("SELECT * FROM autori WHERE  username = '$korime'") or die(mysql_error());     
    //echo mysql_result($aQResult,0,"nivopristupa")==100;
    if (mysql_result($aQResult,0,"nivopristupa")==100)
    {
	    session_start();
	    $_SESSION["adminusername"] = $korime;

	    $smarty = new My_smarty();

        $smarty->assign('username',$korime); 
	    $smarty->display('index.tpl');
    }
    else
    {
         echo "Nemate pristup ovom delu sajta";
    }
}
mysql_close();

?>